Smart Reporting GmbH is hiring a
Quality and Information Security Compliance Manager, Remote - Germany

Summary

The job is for a Quality Management and Information Security Compliance Manager in the medical device industry. The role involves overseeing QMS document control, managing CAPA processes, conducting audits, providing training, creating technical documentation, ensuring information security compliance, delivering management reports, and coordinating InfoSec and GDPR trainings.

Requirements

• Profound experience in Quality Management for Medical Devices
• Familiarity with ISO 13485, European Medical Device Regulation, ISO 14971, norms like ISO 62304, ISO 62366, corresponding guidance documents and their application
• Confident to find the right balance between building an audited QMS for Software as a Medical Device while keeping it lean for swift and agile operations
• Comfortable with the coordination of processes and guiding your colleagues in the application of the QMS and ISMS
• Basic understanding of common technical and organisational measures relating to information security. Familiarity with the requirements of ISO27001

Responsibilities

• Act as Quality Management Representative, overseeing QMS document control, creation, revision, and approval
• Manage CAPA processes, ensuring nonconformities are identified and addressed
• Organize and manage internal and external audits
• Provide QMS training and support to employees
• Conduct management reviews, presenting QMS compliance and effectiveness
• Guide teams on QMS processes
• Create and review technical documentation per EU 2017/745 (MDR), non-EU country regulations, US FDA 21 CFR and medical device regulations of other regions
• Conduct risk management for Smart Reporting products according to ISO 14971
• Act as Information Security Compliance Manager, coordinating with external officers and internal teams to ensure compliance with standards including ISO27001:2022, BSI C5, NIS 2, StateRAMP, DSPT, Cyber Essentials Plus, GDPR, and HIPAA
• Take ownership of our Information Security Management System (ISMS), keeping documentation, guidelines, SOPs and working instructions up to date and in line with all applicable requirements
• Conduct security audits and vulnerability scans, and manage remediation of findings
• Deliver management reports and annual security submissions
• Track risk management and InfoSec changes according to ISO27001
• Coordinate InfoSec and GDPR trainings, and manage supplier evaluations

Preferred Qualifications

Business fluent in German and English and strong overall communication skills

Benefits

• Professional development opportunities
• Flexible working hours
• Up to 100% Remote work possible
• Competitive compensation
• 30 days paid vacation
• LinkedIn Learning licenses and individual development budget to support your professional growth
• Regular Company Events, Jobticket, Jobrad, and further Benefits